On Thu, Feb 12, 2009, JXu wrote: > > Hi Guys, > > I try to make openssl fips build under windows, In visual studio 2005 > command prompt, I did following step: > > 1) go to c:\openssl-fips-1.2.0, type > perl Configure no-asm VC-WIN32 > ms\do_fips >
That's a violation of the security policy. You should do: ms\do_fips or ms\do_fips no-asm Don't use no-asm unless you have to. You get considerably poorer performance. > 2) go to c:\openssl-0.9.8j, type > perl Configure VC-WIN32 no-asm fips --with-fipslibdir= > c:\openssl-fips-1.2.0\out32dll > ms\do_ms > nmake -f ms\ntdll.mak > > I only got libeay32.lib in c:\openssl-0.9.8j\out32dll. > My question is the libeay32.lib is FIPS compliant. Or we have a way to > produce libeayfips32.lib? > It will be compliant once you build the validated module correctly. Any application has to comply with the security policy too of course. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org